Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6d96c622-4e8a-45b0-838c-248133f31be9.roa
File:                     6d96c622-4e8a-45b0-838c-248133f31be9.roa (raw, json)
Hash identifier:          qtQYaWTLRBzOq75AtpIVukhXfBy/Mog/XkNxDJve4k4=
Subject key identifier:   8A:9C:F0:E9:C0:A9:C6:B1:23:14:10:BB:58:7E:35:DA:BF:12:74:12
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       522E955672F8F8A493C0B54F4EA25FA5E916C119
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6d96c622-4e8a-45b0-838c-248133f31be9.roa
Signing time:             Tue 22 Jul 2025 00:30:20 +0000
ROA not before:           Tue 22 Jul 2025 00:30:20 +0000
ROA not after:            Tue 26 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        44.216.192.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:2e:95:56:72:f8:f8:a4:93:c0:b5:4f:4e:a2:5f:a5:e9:16:c1:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 22 00:30:20 2025 GMT
            Not After : Aug 26 23:59:59 2025 GMT
        Subject: serialNumber=0f2eb877aef9b85bcf46d03a0f90965ce842ef3695ff89285942173e61850993, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:83:70:35:c2:84:26:aa:17:dc:dd:49:2a:2f:
                    30:b4:f8:30:57:0e:bc:05:06:6f:4d:eb:df:d5:97:
                    54:46:21:c7:e7:ca:ff:81:28:b3:bc:8c:8c:cc:39:
                    c9:eb:2a:2f:8f:4b:9e:3d:b2:3d:e0:24:75:87:bd:
                    06:da:5b:ef:7a:25:d0:86:3e:a4:78:e5:44:4e:b0:
                    40:70:5c:56:84:e6:7a:dc:eb:be:0d:ae:9e:38:5d:
                    29:d8:58:3b:07:f0:2f:74:87:11:2b:17:0b:2d:cd:
                    df:e9:00:9c:24:4b:af:3a:6e:77:fe:73:25:82:50:
                    22:54:d0:2e:a9:e0:64:02:aa:dc:ea:88:97:67:4a:
                    03:7b:22:88:97:b1:9f:dd:83:8a:59:5d:86:97:26:
                    c2:b3:ee:05:27:e8:24:6e:ad:88:4b:64:07:8f:45:
                    95:09:b7:19:2f:7f:88:02:1a:7a:ee:45:63:28:fa:
                    3f:49:2c:15:db:ab:4e:17:cc:f8:1b:c2:08:c8:67:
                    be:97:c9:b3:26:b0:da:eb:4d:e3:d0:62:ac:32:f5:
                    ae:63:a2:bf:87:e2:f6:35:70:4c:a4:55:32:d0:62:
                    5b:b9:a0:56:76:f7:b9:26:ed:16:4b:ac:c5:68:d0:
                    82:37:91:cc:75:e4:04:a4:a7:b7:fa:65:5a:9d:8d:
                    2e:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:9C:F0:E9:C0:A9:C6:B1:23:14:10:BB:58:7E:35:DA:BF:12:74:12
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6d96c622-4e8a-45b0-838c-248133f31be9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  44.216.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b8:bc:02:d4:10:51:a8:0b:9b:61:53:65:f6:e9:ca:d1:e4:99:
         66:0f:4c:ff:3d:cc:d9:7d:f1:77:ee:5b:c2:cb:67:e6:3c:ab:
         37:13:80:40:f3:f3:54:d1:73:ce:66:8d:36:cd:43:cf:21:4c:
         91:41:25:d5:0c:ea:59:b7:cb:c1:49:88:68:cd:c6:e5:d0:45:
         11:c2:d9:3e:cc:5b:99:1a:cf:74:bb:26:24:05:69:3c:e6:33:
         5b:28:a4:64:56:70:02:40:b7:84:95:07:1e:75:22:6b:7c:0b:
         4e:74:f5:28:52:a8:0e:30:be:c9:41:5f:ce:47:a6:3f:f7:77:
         b1:0a:4c:5c:7e:37:7a:b7:a6:74:d3:c3:05:a2:55:dd:1d:f3:
         ee:e1:82:2e:aa:0d:e5:e9:43:1f:2d:c6:7e:75:60:49:40:18:
         7e:c2:d3:17:26:b0:79:ec:25:1e:d9:1d:43:74:8b:03:32:3e:
         9d:03:aa:4a:4e:30:b4:03:5c:bb:5a:07:37:e6:1e:2a:2e:72:
         ca:d5:21:47:7c:97:75:39:0d:3d:a8:0a:c1:aa:c1:9a:11:52:
         d9:3b:e7:b6:e0:df:28:3e:fb:79:1f:f0:88:54:bc:69:80:6b:
         55:ed:4e:13:0a:ac:ee:22:71:11:b1:50:c5:64:6f:7a:f9:22:
         ed:89:9c:68
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUi6VVnL4+KSTwLVPTqJfpekWwRkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzIyMDAzMDIwWhcNMjUwODI2MjM1OTU5
WjB6MUkwRwYDVQQFE0AwZjJlYjg3N2FlZjliODViY2Y0NmQwM2EwZjkwOTY1Y2U4
NDJlZjM2OTVmZjg5Mjg1OTQyMTczZTYxODUwOTkzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDhg3A1woQmqhfc3UkqLzC0+DBXDrwFBm9N69/Vl1RGIcfn
yv+BKLO8jIzMOcnrKi+PS549sj3gJHWHvQbaW+96JdCGPqR45UROsEBwXFaE5nrc
674Nrp44XSnYWDsH8C90hxErFwstzd/pAJwkS686bnf+cyWCUCJU0C6p4GQCqtzq
iJdnSgN7IoiXsZ/dg4pZXYaXJsKz7gUn6CRurYhLZAePRZUJtxkvf4gCGnruRWMo
+j9JLBXbq04XzPgbwgjIZ76XybMmsNrrTePQYqwy9a5jor+H4vY1cEykVTLQYlu5
oFZ297km7RZLrMVo0II3kcx15ASkp7f6ZVqdjS4vAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUipzw6cCpxrEjFBC7WH412r8SdBIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZkOTZjNjIyLTRlOGEtNDViMC04MzhjLTI0ODEzM2YzMWJlOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIs2MAwDQYJKoZIhvcNAQELBQADggEBALi8AtQQUagLm2FTZfbpytHkmWYP
TP89zNl98XfuW8LLZ+Y8qzcTgEDz81TRc85mjTbNQ88hTJFBJdUM6lm3y8FJiGjN
xuXQRRHC2T7MW5kaz3S7JiQFaTzmM1sopGRWcAJAt4SVBx51Imt8C0509ShSqA4w
vslBX85Hpj/3d7EKTFx+N3q3pnTTwwWiVd0d8+7hgi6qDeXpQx8txn51YElAGH7C
0xcmsHnsJR7ZHUN0iwMyPp0DqkpOMLQDXLtaBzfmHioucsrVIUd8l3U5DT2oCsGq
wZoRUtk757bg3yg++3kf8IhUvGmAa1XtThMKrO4icRGxUMVkb3r5Iu2JnGg=
-----END CERTIFICATE-----
Generated at Tue Jul 22 06:39:24 2025 by rpki-client